I was with Eclipse before I was with Zen and after the KCOM takeover, I started to find that my internet connection became extremely throttled when downloading stuff. Like, they would reduce my bandwidth by 80%. I then noticed that all their residential packages had disappeared, so I pretty much came to the conclusion that they wanted their residential customers gone. My experience was bad with them. Even their customer support took 3 phone calls to fix an issue, over a period of about 3-4 weeks. I have since moved to Zen and for the past year and a half with them not had an issue.

KCOM has the monopoly for Hull. In fact not just the monopoly but they are practically the only provider - About the only alternative is wifi broadband via Connexin (http://www.kitz.co.uk/isp/isp_information.php?isp=connexin).

At one time I wondered if KCom were going to branch out more nationwide as they bought out Mistral who were one of the major SP's used by Utilities Warehouse, but they seem to have not done anything much with it. It seems they are doing the same with Eclipse. I'm not quite sure the logic behind purchasing national ISPs then in effect winding down the residential retail arm.

Quote

Many are still without broadband access today as the operator struggles to rectify the disruption, which first hit users on Saturday.

The firm says that the issue is an "intermittent problem" and is not concentrated on any particular area.

"While some customers have been able to reconnect immediately, other customers' routers will need to be reset before they can connect to the internet again."

They had obviously been hit by the Mirai type bot too. I was made aware of the problem several days ago but after reassurances that the VMG series were not involved, was requested not to post anything until affected ISPs had the patches available to roll out.

They had obviously been hit by the Mirai bot too. I was made aware of the problem several days ago but after reassurances that the VMG series were not involved, was requested not to post anything until affected ISPs had the patches available to roll out.

I'm disappointed (but not surprised) that they wanted to cover it up and perhaps more disappointed that you agreed. I think this should have been made public as soon as possible. Waiting for a roll out of a fix is not acceptable, however turning off tr069 and 064 would have been a good move in my view. I will never run any modem with anything like that enabled as I certainly dont trust any ISP to have access to my router for any purpose.

The details are already publicly available on the web. Not so much about which devices are or aren't vulnerable, but the technical details of the firmware implementation flaws are very clear.

It seems such a huge glaring flaw, that it's quite possible that it was being quietly exploited on a low-scale long before it became public and widespread recently.

I also feel that keeping quiet meant that those who had not been exploited lost the opportunity to turn off those functions and therefore prevent a problem, plus those who had been exploited continued in ignorance and maybe just maybe could have stuff harvested from their PCs or network..

I'm sorry but keeping this quiet is not a good idea, except n one solitary circumstance and that is where someone finds a potential hole and reports it to the manufacturer prior to its exploitation but if in any doubt it has been used then it should become public.

If it had been the VMG series then my re-action would have been entirely different. I only got to hear about the Zyxel's AMG1302.Afaik no-one on this forum uses them as they are ISP modems used by KCom and locked down to Eircom. We dont have any of their users as regs. TBH at the time I thought it was only Eircom and didn't know about Kcom until later.

If you notice, no-one including the press publically announced this until a fix had been found and the ISPs concerned had started rolling it out. Letting the world know that many thousands of AMG1302 are vulnerable and wide open to the world is hardly a good idea. They were in a state of the WAN interface being wide open and being publicly accessible to ANYONE, not just those who had released the exploit.

As ejs says the basic info about the flaw is and already was available. Once info was in the public domain then all it would take is script kiddies to start going through all of KCom/Eircoms IPs. It wouldnt take them too long to put 2 and 2 together. They then could possibly have access to a lot more info and do far more damage than the current situation which was being unable to access the internet.

Srsly if I'd said anything publicly then it would have been akin to announcing hey go attack the following IP ranges and you'll be right inside their network. There's currently x thousand modems wide open this week to do what you want with. Most, if not all ISPs knew what was going on quite soon, but decided it was best not saying anything until after the patches had been released otherwise you are just exposing many thousands more who do not read tech news and wouldnt have a clue how to block ports.

From what I can gather (my assumption) is that who-ever was behind the release this past week wasn't going after anything specific and it was probably more of a proof of concept type attack to show just what was possible, rather than actually hack user info. IMHO the ISPs concerned did the best thing by trying to keep a lid on it until their modems were patched, the alternative could have been one heck of a lot worse.

Knocking people offline was probably not the intention, the likely intention of the worm / botnet is to spread by infecting more devices and use their Internet connections for DDoS purposes. If people were knocked offline completely, that could have been due to the attempt to download and execute the software into the router failing, but corrupting the settings and causing the device to stop working.